Distributed denial-of-service (DDoS) attacks directed at the blog of prominent Russian political activist Alexey Navalny resulted in repeated downtime for the entire LiveJournal platform.
According to security experts from Russian antivirus vendor Kaspersky Lab who have been keeping an eye on one of the botnets used, the attacks began in the second half of March.
"Analysis of the data acquired showed that the first DDoS attack on LiveJournal occurred on 24 March.
"The botnet’s owners gave the command to launch an attack on the blog address of the renowned anti-corruption figure Alexey Navalny: http://navalny.livejournal.com," says Kaspersky's Maria Garnaeva.
Navalny is a strong anti-corruption voice in Russia and he is well known for his ability to organize large-scale online petitions. He is also a minor stockholder in several large state-owned corporations.
The botnet monitored by Kaspersky is based on the Optima/Darkness DDoS malware, which is common in the Russian-speaking cybercrime world.
Optima botnets are usually available to rent or buy on the underground black market. Their operators also perform DDoS attacks on demand.
There are probably multiple botnets participating in the attacks against Navalny's Web properties, but their exact number or size is not known.
Kaspersky points out that the attacks continued on an almost daily basis and also targeted other activist websites like rospil.info and www.rutoplivo.ru.
On April 4, however, the attackers broadened their targets and hit many LiveJournal blogs, causing severe service disruptions for the platform.
"It should be obvious to specialists in the Russian-speaking blogosphere that the list affects some of the most popular bloggers on LiveJournal who write about a wide variety of things," Ms. Garnaeva says.
A LiveJournal spokesperson acknowledged the attacks, but said the company has not yet approached the authorities about the situation, although this option is not excluded.